Snort
Tool and Usage
Project details
- License: GPLv2
- Programming language: C
- Author: Marty Roesch
- Latest release: 2.9.11.1
- Latest release date
Project health
Introduction
Besides intrusion detection, Snort is also capable of preventing attacks. By taking a particular action based on traffic patterns, it can act as an intrusion prevention system (IPS).
Background information
Snort 3.0 was introduced in 2014 and is the first multi-threaded version. Being single-threaded was a downside of the tool compared with similar tools.
Usage and audience
Snort is commonly used for security monitoring. Target users for this tool are system administrators.
Features
- Customization and additions are possible
- Extendable with custom tests and plugins
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
Strengths
- + Supported by a large company
- + Well-known tool
Installation
Supported operating systems
Snort is known to work on FreeBSD, Linux, Microsoft Windows, and macOS.
Snort alternatives
Similar tools to Snort:
Suricata
Network threat detection engine that acts as intrusion detection (IDS), inline intrusion prevention (IPS), and network security monitoring (NSM).
Zeek
Zeek is a network security monitoring (NSM) tool and helps with monitoring. It can also play an active role in performing forensics and incident response.
Scirius
Scirius is a web application for Suricata ruleset management. Both a community version and a paid version are available.
Related tool information
Categories
This tool is categorized as an intrusion prevention system software and network intrusion detection tool.